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Abstract. The market for cloud computing can be considered as the 
major growth area in ICT. However, big companies and public authori¬ 
ties are reluctant to entrust their most sensitive data to external parties 
for storage and processing. The reason for their hesitation is clear: There 
exist no satisfactory approaches to adequately protect the data during its 
lifetime in the cloud. The EU Project Prismacloud (Horizon 2020 pro¬ 
gramme; duration 2/2015-7/2018) addresses these challenges and yields 
a portfolio of novel technologies to build security enabled cloud services, 
guaranteeing the required security with the strongest notion possible, 
namely by means of cryptography. We present a new approach towards 
a next generation of security and privacy enabled services to be deployed 
in only partially trusted cloud infrastructures. 

Keywords: Secure cloud computing, cryptography, privacy, informa¬ 
tion theoretic security, usability, security by design 


1 Introduction 

Today, cloud computing is already omnipresent and starts pervading all aspects 
of our life, whether in the private area or in the business domain. The annual 
market value related to cloud computing is estimated to be in the region of USD 
150 billion, and will probably grow by the year 2018 to around USD 200 bil¬ 
lion |35I32] . The European Commission (EC) promotes in its strategy ’’Digital 
Agenda for Europe / Europe 2020” the rapid adoption of cloud computing in 
all sectors of the economy to boost productivity. Furthermore, the EC concludes 
that “cloud computing has the potential to slash users’ IT expenditure and to 




enable many new services to be developed. Using the cloud, even the smallest 
firms can reach out to ever larger markets while governments can make their 
services more attractive and efficient even while reining in spending. ” M- 

However, besides these advantages of cloud computing, many new problems 
arise which are not yet sufficiently solved, especially with respect to informa¬ 
tion security and privacy. The fundamental concept of the cloud is storage and 
processing by a third party, i.e., the cloud or service provider, which actually 
invalidates the traditional view of a perimeter in IT security. In fact, the third 
party becomes part of the company’s own computation and storage IT infras¬ 
tructure albeit not being under its full control. This situation is very problematic 
and recent incidents show that economic incentives and legal tools used to in¬ 
crease trust in the service provider, e.g. Service Level Agreements, are by far not 
sufhcient to guard personal data and trade secrets against illegal interceptions, 
insider threats, or vulnerabilities exposing data in the cloud to unauthorized par¬ 
ties. While being processed by a provider, data is typically neither adequately 
protected against unauthorized read access, nor against unwanted modification, 
or loss of authenticity. Consequently, in the most prominent cloud deployment 
model today - the public cloud - the cloud service provider necessarily needs to 
be trusted. Security guarantees with respect to user data can only be given on 
a contractual basis and rest to a considerable extent on organisational (besides 
technical) precautions. Hence, outsourcing IT tasks to an external shared infras¬ 
tructure builds upon a problematic trust model. This situation inhibits many 
companies in the high-assurance and high-security area to benefit from external 
cloud offerings: for them confidentiality, integrity, and availability are of such 
major importance that adequate technical measures are required—but state-of- 
the-art ICT can currently not provide them. Moreover, individuals using public 
cloud services face a considerable privacy threat too, since they typically expose 
more information to services than required to perform the task. In all cases, in 
the end the cloud user is responsible for his or her data and outsourcing sensi¬ 
tive tasks to an external entity does not remove this burden. Therefore, novel 
security and privacy preserving methods need to be developed to facilitate cloud 
usage even for organisations dealing with sensitive information. 

In this work we present a new approach towards cloud security which is de¬ 
veloped by the Prismacloud consortium within the EU Horizon 2020 research 
framework. The vision of Prismacloud is to develop the next-generation of 
cryptographically secured cloud services with security and privacy built in by 
design. For us, the only reasonable way to achieve the required security properties 
for outsourced data storage and processing is by adopting suitable cryptographic 
mechanisms. Prismacloud shall impact through the development of next gen¬ 
eration secure cloud services (i) to achieve beneficial impact in society, industry, 
and research in Europe (ii) to remove a major inhibitor against cloud adoption 
in security relevant domains {in) by developing cloud applications, that preserve 
more privacy for citizens, {iv) for delivering input and strengthening the position 
of European industries, (v) to strengthen European research in a field with high 
research competition. 


2 A New Take on Cloud Security 

2.1 Relevance and Project Objectives 

The importance of security for cloud computing is now widely accepted [10115128] 
and security research for cloud computing is gaining tremendous momentum. It 
is of major importance for security research to catch up with the rapid devel¬ 
opments in cloud computing before the ongoing transition to the cloud reaches 
critical areas. Future solutions for cloud deployment must be secure by design 
and provide end-to-end security for users to the best extent possible. 

In the long-term, cloud computing will influence many important aspects of 
our lives and will likely have an enormous impact on our society. The European 
Commission already recognised the potential future impact of cloud computing 
for all of us and has issued a cloud computing strategy [14] to protect European 
citizens from potential threats, while simultaneously unleashing the potential of 
cloud computing, for both the industry/public sector as well as for individuals. 
Many initiatives with these goals are currently either ongoing, or are going to 
be formed in the nearer future, and a substantial effort is put into cloud secu¬ 
rity research through the EU-research framework. However, there are still many 
unsolved problems and there is ample room for innovation. We will contribute 
innovations to that field and are targeting the development of next-generation 
secure and trustworthy cloud environments. The ambition of Prismacloud is 
to build trustworthy cloud services on top of untrusted infrastructure by the 
development and application of adequate cryptography and methodologies. 

The main objectives of Prismacloud are: (i) to develop next-generation 
cryptographically secured services for the cloud. This includes the development 
of novel cryptographic tools, mechanisms, and techniques ready to be used in 
a cloud environment to protect the security of data over its lifecycle and to 
protect the privacy of the users. The security shall be based on ’by design’ 
principles, (ii) to assess and validate the project results by fully developing and 
implementing three realistic use case scenarios in the areas of e-government, 
healthcare, and smart city services, (in) to conduct a thorough analysis of the 
security of the final systems, their usability, as well as legal and information 
governance aspects of the new services. 

2.2 State of the Art 

Ongoing research activities like SECCRIT, Cumulus, and PASSIVlli] are ex¬ 
tremely valuable and will be setting the standards and guidelines for secure cloud 
computing in the next years. However, these approaches consider the cloud in¬ 
frastructure provider as being trustworthy in the sense that no information of 
the customers, i.e., tenants, will be leaked, nor their data will be tampered with. 
The cloud infrastructure provider, however, has unrestricted access to all phys¬ 
ical and virtual resources and thus absolute control over all tenants’ data and 

^ EU-FP7: http://www.seccrit.eu/, http://www.cuinulus-project.eu/, 
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resources. The underlying assumption is, that if the cloud provider performs ma¬ 
licious actions against its customers, in the long run, he or she will be put out of 
business - if such doings are revealed. However, this assumption is very strong, 
especially considering the ongoing revelation of intelligence agencies’ data gath¬ 
ering activities. Data disclosure may even be legally enforced in a way completely 
undetectable by the cloud provider’s customers. 

Through auditing and monitoring of cloud services, some of the malicious 
behaviour of outsiders and insiders (e.g. disgruntled employees with administra¬ 
tor privileges) may be detectable ex-post, however, that does not help a specific 
victim to prevent or survive such an attack. Moreover, advanced cyber-attacks 
directly targeting a specific victim can barely be detected and prevented with 
cloud auditing mechanisms or anomaly detection solutions. These methods are 
more efficient for the detection of large scale threats and problems and for mak¬ 
ing the infrastructure itself resilient, while keeping an acceptable level of service. 

Other projects, like TClouds and PRACTICE0 take cloud security a step 
further: TClouds already considers the impact of malicious provider behaviour 
and tries to protect users. However, it is not strongly focusing on comprehen¬ 
sive integration of cryptography up to the level of end-to-end security. PRAC¬ 
TICE, in contrast, is well aligned with our idea of secure services. However, it 
focuses mainly on the preservation of data confidentiality for processing, when 
outsourced to the cloud. This is achieved by means of secure multiparty compu¬ 
tations and concepts from fully homomorphic encryption. Prismacloud is com¬ 
plimentary to these concepts and enhance them with cryptographic primitives 
for the verification of outsourced computation and other relevant functionality 
to be carried out on the data in the untrusted cloud. 

Research activities in context of privacy in cloud computing were and are 
currently conducted by various projects like ABC4Trust, AdCloud and AU2Etll. 
Prismacloud complements these efforts by relying on and further developing 
privacy-enhancing technologies for the use in cloud based environments. 

2.3 Main Goal and Innovations 

The main goal of Prismacloud is to enable the deployment of highly critical 
data to the cloud. The required security levels for such a move shall be achieved 
by means of novel security enabled cloud services, pushing the boundary of 
cryptographic data protection in the cloud further ahead. Prismacloud core 
innovations include: (z) Techniques for outsourcing computation with verifiable 
correctness and authenticity-preservation for allowing secure delegation of com¬ 
putations to cloud providers, (ii) The provision of cryptographic techniques for 
the verihcation of claims about the secure connection and configuration of the 
virtualized cloud infrastructures. (Hi) Addressing user privacy issues by cryp¬ 
tographic data minimization and anonymization technologies, {iv) Improving 
anonymization techniques for very large data sets in terms of performance and 

^ EU-FP7: http://www.tclouds-project.eu, http://www.practice-project.eu/ 
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utility, (v) A distributed multi-cloud data storage architecture for sharing data 
among several cloud providers and thus improving data security and availabil¬ 
ity. Dynamically updating distributed data by means of novel techniques shall 
avoid vendor lock-in and promote a dynamic cloud provider market, while pre¬ 
serving data authenticity and facilitating long term data privacy with proac¬ 
tive secret sharing, (vi) Advanced format and order preserving encryption and 
tokenisation schemes for seamless integration of encryption into existing cloud 
services, (vii) The Prismacloud work program is complemented with activities 
addressing secure user interfaces, secure service composition, secure implemen¬ 
tation in software and hardware, security certification, and an impact analysis 
from an end-user view. In order to converge with the European Cloud Com¬ 
puting Strategy, a strategy for the dissemination of results into standards is 
developed, {viii) As feasibility proof, three use cases from the fields of SmartC- 
ity, e-Government, and e-Health will be fully implemented and evaluated by the 
project participants. 

3 Verifiability of Data, Processing and Infrastrnctnre 

3.1 Verifiable and Authenticity Preserving Data Processing 

Verihable computing aims at outsourcing computations to one or more untrusted 
processing units in a way that the result of a computation can be efficiently 
checked for validity. General purpose constructions for verifiable computations 
have made significant process over the last years [36], there are already various 
implemented systems which can be deemed nearly practical, but are not yet 
ready for real-world deployment. Besides general purpose systems, there are 
other approaches that are optimized for specific (limited) classes of computations 
or particular settings, e.g, mm- 

In addition to verifiability of computations, another interesting aspect is to 
preserve the authenticity of data that is manipulated by computations. Tools 
for preserving authenticity under admissible modifications are (fully) homomor¬ 
phic signatures (or message authentication codes) |7] . Besides this general tool, 
there are signatures with more restricted capabilities, like redactable signatures 
introduced in [24134] . which have recently shown to offer interesting applica¬ 
tions [3TT2T] . These and other functional and malleable signatures will be devel¬ 
oped further within Prismacloud to meet requirements set by cloud applica¬ 
tions. 

By combining these cryptographic concepts, Prismacloud aims at provid¬ 
ing tools that allow to realize processes (with potentially various participating 
entities) that guarantee to preserve the authenticity and provide verifiable of 
involved data and computations respectively. 

3.2 Integrity and Certification of Virtualized Infrastructure 

The area of structural integrity and certification of virtualized infrastructures 
bridges between three areas: attestation of component integrity, security assur¬ 
ance of cloud topologies and graph signatures to connect these areas. 










Attestation is the process in which a trusted component asserts the state of a 
physical or virtual component of the virtualized infrastructure, on all the layers 
of it. Cloud security assurance refers to a research area and line of cloud security 
tools, in which recent proposals included the analysis of cloud topologies for se¬ 
curity properties. Graph signatures, that is, signatures on committed graphs are 
a new primitive we investigate within Prismacloud. Such a signature scheme 
allows a recipient of a signature to commit a hidden graph and have an issuer 
sign the recipient-committed graph while joining it with an issuer-committed 
graph. The resulting signature allows the recipient to prove in zero-knowledge 
properties of the graph, such as connectivity isolation. 

Within Prismacloud we develop and optimize the use of graph signatures 
for practical use in virtualized infrastructures. Their application allows an audi¬ 
tor to analyse the configuration of a cloud, and issue a signature on its topology. 
The signature encodes the topology as a graph in a special way, such that the 
cloud provider can use it to prove in zero-knowledge high-level security properties 
such as isolation of tenants to verifiers, such as the tenants, without disclosure 
of secret information. Further, we will bride between cloud security assurance 
and verification methodology and certification by establishing a framework that 
issues signatures and proves security properties based on standard graph models 
of cloud topologies and security goals in formal language (VALID). 

4 User Privacy Protection and Usability 

4.1 Privacy Preserving Service Usage 

For many services in the cloud it is important that users are given means to 
prove their authorisation to perform or delegate a certain task. However, it is not 
always necessary that users reveal their full identity to the cloud, but only prove 
by some means that they are authorised, e.g., possess certain rights. The main 
obstacle in this context is, that a cloud provider must still be cryptographically 
reassured that the user is authorised. 

Attribute-based anonymous credential (ABC) systems have proved to be an 
important concept for privacy-preserving applications as they allow users to 
authenticate in an anonymous way without revealing more information than 
absolutely necessary to be authenticated at a service and there are strong efforts 
to bring them to practicfl Well known ABC systems are for instance the multi¬ 
show system Idemix and the one-show system U-Prove [53]. Recently also 
some alternative approaches for ABC systems from malleable signature schemes 
|6l9j and a variant of structure-preserving signatures [22] have been proposed. 

In Prismacloud we aim at improving the state of the art in anonymous cre¬ 
dential systems and group signature schemes with a focus on their application 
in cloud computing services. Besides traditional application such as for anony¬ 
mous authentication and authorization we will also investigate their application 
to privacy-preserving billing |11I33] for cloud storage and computing services. 

e.g., ABC4Trust: https://abc4trust.eu/ 





4.2 Big Data Anonymization 

Anonymizing data sets is a problem which is often encountered when providing 
data for processing in cloud applications in a way, that a certain degree of privacy 
is guaranteed. However, e.g. achieving optimal fc-anonymity is known to be an 
NP-hard problem. Typically, researchers have focused on achieving /c-anonymity 
with minimum data loss, thus maximizing the utility of the anonymised results. 
But all of these techniques assume that the dataset to be anonymised is relatively 
small (and fits into computer memory). In the last few years several attempts 
have been made to tackle the problem of anonymising large datasets. 

In Prismacloud, we aim to improve existing anonymisation techniques in 
terms of both performance and utility (minimizing information loss) for very 
large data sets. We strive to overcome deficiencies in current mechanisms, e.g. 
size limitations, speed, assumptions about quasi-identifiers, or existence of total 
ordering, and implement a solution suitable for very large data sets. In addition, 
we propose to address issues related to distribution of very large data sets. 

5 Securing Data at Rest 

5.1 Confidentiality and Integrity for Unstructured Data 

Protecting customer data managed in the cloud from unauthorised access by the 
cloud provider itself should be one of the most basic and essential functionalities 
of a cloud system. However, the vast majority of current cloud offerings does 
not provide such a functionality. One reason for this situation is, that current 
cryptographic solutions can not be easily integrated without drastically limiting 
the capabilities of the storage service. 

In PRISMACLOUD, we aim at researching and developing novel secure stor¬ 
age solutions with increased flexibility based on secret sharing. Secret sharing 
was invented in the late nineteen-seventies and has become a vital primitive in 
many cryptographic tasks. It can also be used to provide confidentiality for data 
at rest with strong security in a key-less manner when working in a distributed 
setting. Various systems have been proposed during the last years, but most of 
them work in rather naive single user approaches and require a trusted proxy 
in their setting. First approaches to support multiple users have been proposed 
in a combination with quorum based meta-data management, but still rely on 
passive storage nodes. Recently, a new type was proposed, using active nodes 
to fully delegate secure multi-user storage to the cloud. It combines efficient 
Byzantine protocols with various types of secret sharing protocols to cope with 
different adversary settings in a flexible way. However, many desired features, as 
well as a trustworthy distributed access control mechanism are still missing. 

Our goal is to develop efficient and flexible secret sharing based storage so¬ 
lutions for dynamic environments, like the cloud, supporting different adversary 
models (active, passive, mixed). The research will focus on the design of multi¬ 
user storage systems in a distributed fashion, without single-point-of-trust and 
single-point-of-failure and how they can be extended with access privacy. 



5.2 Long-term Security Aspects and Everlasting Privacy 

To provide protection goals, such as integrity, authenticity, and confidentiality 
in the long-term, classic cryptographic primitives like digital signatures and en¬ 
cryption schemes are not sufficient. They become insecure when their security 
properties are defeated by advances in computer power or cryptanalytic tech¬ 
niques. Thus, the only approach known to address long-term confidentiality is 
by using proactive secret sharing, e.g. [50]. In this approach, the data is split into 
several shares that are stored in different locations and are renewed from time 
to time. Although secret sharing is needed to provide long-term confidentiality, 
there is no approach that considers performing publicly or privately verifiable 
computations or integrity preserving modifications on secret shares yet. Besides 
the distributed storage of data, to provide everlasting privacy (or conhdential- 
ity) for data processed in a publicly verifiable manner, the information published 
for auditing needs to be information-theoretically secure. Only a few solutions 
address this and only for specific problems, such as verifiable anonymisation of 
data m and verifiable tallying of votes, e.g. |5^. No general applicable solution 
is provided, nor do existing approaches show how authenticated data can be 
processed in a publicly verifiable way. Therefore, we aim at providing solutions 
for proactive secret sharing of authenticated data and techniques that allow for 
privately and publicly verifiable computations. 

5.3 Cryptography for Seamless Service Integration 

Considering existing applications in the cloud, it may be impossible to trans¬ 
parently add security features later on, e.g., to store encrypted data in the 
same database table used for unencrypted data, and applications running on 
the database may be unable to use the encrypted data, causing them to crash 
or alternatively, to output incorrect values. Standard encryption schemes are 
designed for bit-strings of a fixed length, and can therefore significantly alter the 
data format, which may cause disruptions both in storing and using the data. 

To address this problem, techniques like Format-Preserving Encryption (FPE), 
Order-Preserving Encryption (OPE) and Tokenizaiton have emerged as most 
useful tools. In FPE schemes the encrypted ciphertexts have the same format as 
the messages, i.e. they can be directly applied without adapting the application 
itself. OPE schemes on the other hand, maintain the order between messages in 
the original domain, thus allowing execution of range queries on encrypted data. 

In Prismacloud we aim to address the shortcomings of the existing FPE 
and OPE schemes. It can be shown that existing FPE schemes for general for¬ 
mats, e.g. name, address, etc., are inefficient, lack in their security level, and do 
not provide a clear way for format definition, thus making them practically un¬ 
usable. We propose to address both issues (security and efficiency) and develop 
an FPE scheme for general formats that: (i) is more efhcient; (ii) provides an ac¬ 
ceptable security guarantee; (in) supports complex format definition; (iv) could 
be employed to solve practical problems, e.g. data sharing for cluster of private 
clouds. For OPE we aim to analyze further the existing approaches from both 


security and performance perspectives (and/or develop our own technique) and 
implement the option that provides a suitable security-functionality trade-off for 
a given set of applications/use cases. 

6 Methodology, Tools and Guidelines for Fast Adoption 

6.1 Holistic Security Models 

The paradigm of service orientation |13j has increasingly been adopted as one 
of the main approaches for developing complex distributed systems out of re¬ 
usable components called services. We want to use the potential benefits of this 
software engineering approach, but not build yet another semi-automated or 
automated technique for service composition. However, combining the building 
blocks of Prismacloud correctly would require the developers to have a solid 
understanding of their cryptographic strength. 

To allow composing the building blocks into secure higher level services, we 
will identify which existing models for the security of compositions are adequate 
to deal with the complexity and heterogeneity. Prismacloud will adopt work¬ 
ing and established solutions and assumes that the working way of composing 
services can be a way to allow secure composition. When each service can be de¬ 
scribed using standard description languages this allows extending composition 
languages [3] to provide further capabilities, e.g., orchestrations, security, trans¬ 
action, to service-oriented solutions [30]. In Prismacloud we want to reduce the 
complexity further, just like recently, mashups m of web APIs provided means 
for non-experts to define simple workflows. Within Prismacloud we will de¬ 
velop a description of not only the functionality of each cryptographic building 
block but also of their limitations and composability. 


6.2 Human Computer Interaction (HCI) Concepts 

Cryptographic concepts such as secret sharing, verifiable computation or anony¬ 
mous credentials, are fundamental technologies for secure cloud services and to 
preserve end users’ privacy by enforcing data minimization. End users are still 
unfamiliar with such data minimization technologies that are counterintuitive 
to them and for which no obvious real-world analogies exist. In previous HCI 
studies, it has been shown that users have therefore difficulties to develop the 
correct mental models for data minimisation techniques such as anonymous cre¬ 
dentials m or the new German identity card [23]. Moreover, end users often 
do not trust the claim that such privacy-enhancing technologies will really pro¬ 
tect their privacy [1]. Similarly, users may not trust claims of authenticity and 
verifiability functionality of malleable and of functional signature schemes. In 
our earlier research work, we have explored different ways in which compre¬ 
hensive mental models of the data minimization property of anonymous cre¬ 
dentials can be evoked on end users m- Prismacloud extends this work by 
conducting research on suitable metaphors for evoking correct mental models 


for other privacy-enhancing protocols and cryptographic schemes used in Pris- 
MACLOUD. Besides, it researches what social trust factors can establish trust in 
Prismacloud technology and how this can be matched into the user interfaces. 


6.3 Secure Cloud Usage for End-Users 

The cloud computing services market is currently soaring and already in the 
range of USD 100 billion, with an outlook onto a bright economic future with 
projected steep annual growth rates varying between 10 and 20% |35l32j . The 
huge interest in influencing market development and securing a proper share 
of the market is also visible in the manifold industry-driven standardization ef- 
fortfl Following Key Action 1 “Cutting through the Jungle of Standards” of 
the European Commission’s Cloud Computing Strategy mi, we will take a cau¬ 
tious approach with regard to a potential introduction of project results into a 
standardization process. 

The crucial role of data security in cloud applications is widely recognized. 
Previous studies have shown the vulnerability of information and communication 
technology systems, and especially also of cloud systems, to illegal and criminal 
activities m- We will take a critical appraisal of the secure cloud systems pro¬ 
posed in Prismacloud and will analyze, whether they live up to the security 
promises in practical application. We will give an indication for individuals, and 
for corporate and institutional security managers, what it means in practice to 
entrust sensitive data in specific use cases to systems claiming to implement, 
e.g.,“everlasting privacy” m- 

Besides licit use, we will assess the impact of potential criminal uses and 
misuses of the secure cloud infrastructures to foster, enhance, and promote cy¬ 
bercrime. We want to anticipate threats resulting from misuse, deception, hijack¬ 
ing, or misappropriation by licit entities. We will map implications originating 
in technical details and in the operation or usage of systems in specific environ¬ 
ments, to high level security objectives which can be understood and relied on 
in high-level security management practice |25) . 

7 Conclusion 

According to the importance of the project goals, i.e., to enable secure depend¬ 
able cloud solutions, Prismacloud will have a significant impact in many areas. 
On a European level, Prismacloud’s disruptive potential of results lies in its 
provision of a basis for the actual implementation and deployment of security 
enabled cloud services. Jointly developed by European scientists and industrial 
experts, the technology can act as an enabling technology in many sectors, like 
health care, e-government, smart cities. Increasing adoption of cloud services, 
with all its positive impact on productivity, and creation of jobs may be stimu¬ 
lated. On a societal level, Prismacloud potentially removes a major roadblock 

® several consortia are listed at http://cloud-staiidards.org 





towards the adoption of efficient cloud solutions to a potential benefit of the 
end-users. Through the use of privacy-preserving data minimization functional¬ 
ities, and depersonalization features, the amount of data being collected about 
end-users may effectively be reduced, maintaining the full functionality of the 
services. We will explicitly analyse potential negative consequences, and po¬ 
tential misuses (cybercrime) of secure cloud services. The potential impact for 
European industry is huge: Prismacloud results may contribute to pull some 
of the business currently concentrated in the United States of America to Europe 
and create sustainable business opportunities for companies in Europe. Equally 
important is the potential impact of Prismacloud for the European scientific 
community, as its results will be very much on the edge of scientific research. 
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